[jboss-user] [JBossWS] - Re: Error SAP WS-Security client calling JBoss Security WS
enpasos
do-not-reply at jboss.com
Fri Aug 15 14:10:25 EDT 2008
Requiring "ValueType to be set" breaks the wsse standard 1.0 and 1.1!!!
(tested in jbossws-3.0.1-native-204.GA)
Please change. Thanks a lot.
See ...
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0.pdf
page 22, lines 702 - 708
702 /wsse:SecurityTokenReference/wsse:Reference/@ValueType
703 This optional attribute specifies a URI that is used to identify the type of token being
704 referenced. This specification does not define any processing rules around the usage of
705 this attribute, however, specifications for individual token types MAY define specific
706 processing rules and semantics around the value of the URI and how it SHALL be
707 interpreted. If this attribute is not present, the URI MUST be processed as a normal URI.
708 The usage of ValueType is RECOMMENDED for references with local URIs.
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4170841#4170841
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4170841
More information about the jboss-user
mailing list